We performed a comparison between Rapid7 InsightConnect and Splunk SOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The initial setup is very simple and straightforward."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"It's pretty powerful and its performance is pretty good."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The tool is stable. The initial setup is straightforward. The product is user-friendly."
"Technical support is helpful."
"It helps increase efficiency and productivity."
"Our customers find it easy to conduct searches and consider it an excellent content management system."
"I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks."
"The most valuable features of Splunk SOAR are the easy integration with other solutions, including other Splunk solutions. The most important playbooks we need on the market come already on the Frontend. However, nowadays, Splunk changed its name, it's not Frontend anymore, it's Splunk Store. This is a very strong point."
"Very flexible integration with other tools"
"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."
"The customization continues to be excellent."
"The reporting could be more structured."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The technical support should be improved."
"Splunk SOAR has room to improve its offering for small-sized customers. The price is not fair for smaller-sized customers."
"The pricing could be a bit more reasonable. It would be great if it were feasible for smaller organizations."
"We've had trouble implementing the solution with Microsoft products. There seems to be an integration gap."
"In my opinion, the focus should be on improving its simplicity, specifically the interface, and configuration."
"The UI can be more customizable for the clients."
"The algorithm and machine learning have room for improvement and can be more user-friendly."
"The scalability could be better."
"have put a number of ideas on the ideas.splunk.com site for feature requests for the Splunk SOAR product. I posted one of them about three years ago, which finally got implemented in the latest release that just got announced, so the time to implement new features and things like that is a little bit concerning."
Rapid7 InsightConnect is ranked 22nd in Security Orchestration Automation and Response (SOAR) with 2 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 30 reviews. Rapid7 InsightConnect is rated 8.0, while Splunk SOAR is rated 8.0. The top reviewer of Rapid7 InsightConnect writes "Excellent security orchestration and automation AI features". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Rapid7 InsightConnect is most compared with Palo Alto Networks Cortex XSOAR, ThreatConnect Threat Intelligence Platform (TIP), CrowdStrike Falcon and ServiceNow Security Operations, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, Cortex XSIAM, ServiceNow Security Operations, Torq and Cisco SecureX. See our Rapid7 InsightConnect vs. Splunk SOAR report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.